No relevant resource is found in the selected language.
Enterprise
Worldwide
Huawei Global - English
Support Documentation
WLAN AC V200R010C00 Command Reference
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
permit-vlan vlan-id

permit-vlan vlan-id

Function

The permit-vlan vlan-id command enables the authorization VLAN verification function and specifies VLANs from which packets are allowed to pass through.

The undo permit-vlan vlan-id command deletes VLANs from which packets are allowed to pass through.

By default, the authorization VLAN verification function is disabled.

Format

permit-vlan vlan-id { vlan-id1 [ to vlan-id2 ] } &<1-10>

undo permit-vlan vlan-id { { vlan-id1 [ to vlan-id2 ] } &<1-10> | all }

Parameters

Parameter

Description

Value

vlan-id1 [ to vlan-id2 ]
Configures VLANs from which packets are allowed to pass through.
  • vlan-id1 specifies the first VLAN ID.
  • to vlan-id2 specifies the last VLAN ID. The vlan-id2 value must be greater than the vlan-id1 value. The vlan-id1 and vlan-id2 values jointly specify a value range.

If to vlan-id2 is not specified, only the VLAN specified by vlan-id1 is considered as the VLAN from which packets are allowed to pass through after being verified using the authorization VLAN verification function.

You can specify a maximum of 10 VLAN ranges at a time. The entered VLAN ranges cannot overlap.
  • The value of vlan-id1 is an integer that ranges from 1 to 4094.
  • The value of vlan-id2 is an integer that ranges from 1 to 4094.

all

Deletes all VLANs from which packets are allowed to pass through.

-

Views

VAP profile view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When VLAN-based remote authorization is performed using the RADIUS server, you can run this command to enable the authorization VLAN verification function to limit the effective scope of authorization VLANs for authorized users. The authorized users can obtain the network access permission of the authorization VLANs only after passing the verification; otherwise, the users can only access network resources using service VLANs.

When the authorization VLAN verification function is disabled, the authorization VLAN function takes effect for all authorized users.

Precautions

The authorization VLAN verification function takes effect only in scenarios where VLAN-based remote authorization is performed using the RADIUS server.

Example

# In the VAP profile named vap1, enable the authorization VLAN verification function and configure VLAN 101 as a VLAN from which packets are allowed to pass through.

<AC6605> system-view
[AC6605] wlan
[AC6605-wlan-view] vap-profile name vap1
[AC6605-wlan-vap-prof-vap1] permit-vlan vlan-id 101
Related Topics
Translation
简体中文
Download
Updated: 2021-02-27

Document ID: EDOC1100064351

Views: 3186236

Downloads: 595

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next
Huawei e+ App Huawei e+

Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :